On Wed, Dec 06, 2023 at 07:31:41PM -0500, Viktor Dukhovni via Postfix-devel
wrote:
> However, I am concerned about the use of `bson_new_from_json()` and its
> need to quote the MongoDB operators. This feels completely unnatural.
> How is there then a distinction between:
>
> $or: [...]
>
> and
>
> "$or": [...]
>
> the latter should be a verbatim key called "$or", not a MongoDB
> operator. How do we avoid having issues with inputs that contain a
> leading "$", or are the leading "$" signs only special in the JSON
> object key, rather than the value? This needs to be understood and
> documented. As well as clarifying any potential confusion around
> projections...
It does, however, look overloading:
{ "$operator": ... }
to be the same as:
{ $operator: ... }
is expected practice with MongoDB:
https://github.com/mongodb/mongo-c-driver/blob/54f737ea488caadac0cf9275c4be1fbb37cf5609/src/libmongoc/tests/test-mongoc-matcher.c#L222-L267
So the best we can hope for is that this overloading is restricted to
keys, and never applies to values in queries, so that in:
{ "$or": [ "foo": "$bar" ] }
only "$or" is special, while "$bar" is a literal. Users will then have
to know to let untrusted content leak into query keys, but that should
be obvious regardless of metacharacter issues.
I am still uneasy about this. What if one really wanted a key that
starts with "$"? Ideally the API would have supported operators without
overloading already quoted strings.
--
Viktor.
_______________________________________________
Postfix-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
